package com.hospital.servlet;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.hospital.model.Department;
import com.hospital.util.DbUtil;
import com.hospital.util.MD5;

@WebServlet("/manage/UserInfoServlet")
public class UserInfoServlet extends HttpServlet {

	protected void doPost(HttpServletRequest request,HttpServletResponse response) 
			throws ServletException, IOException {
		String method = request.getParameter("method");
		if ("add".equals(method)) {
			String r = request.getParameter("root");
			if(r.equals("5")){
				String account = request.getParameter("account").trim();
				String pswd = request.getParameter("pswd").trim();
				String md5password = MD5.MD5(pswd);
				String root = request.getParameter("root");
				String sex = request.getParameter("sex");
				String birthday = request.getParameter("birthday");
				String address = request.getParameter("address");
				String tel = request.getParameter("tel");
				String money = request.getParameter("money");
				String NULL = "null";
				String sql = "insert into t_patient_info(account, pswd, root, sex, birthday, address, tel, money, sickbedId, Inhospitable, intime, outtime) values('"
				+ account + "', '" + md5password + "','" + root + "', '" + sex + "', '" + birthday + "', '" + address + "', '" + tel + "', '" + money + "', '" + "'null'" + "', '" + "'null'" + "', '" + "'null'" + "', '" + "'null'" + "')";
				DbUtil.add_modify(sql);
				request.getRequestDispatcher("/manage/user_info_manage.jsp").forward(request, response);
			}else{
				Department department = new Department();
				Connection conn = null;
				PreparedStatement stmt = null;
				ResultSet rs = null;
				int deptId = 0;
				String account = request.getParameter("account").trim();
				String pswd = request.getParameter("pswd").trim();
				String md5password = MD5.MD5(pswd);
				String root = request.getParameter("root");
				String sex = request.getParameter("sex");
				String birthday = request.getParameter("birthday");
				String address = request.getParameter("address");
				String tel = request.getParameter("tel");
				String departmentName = request.getParameter("name");
				String school = request.getParameter("school");
				String education = request.getParameter("education");
				String sql1 = "select deptId from t_department where name = ?";
				conn = DbUtil.getConnection();
				try {
					stmt = conn.prepareStatement(sql1);
					stmt.setString(1, departmentName);
					rs = stmt.executeQuery();
					while(rs.next()){
						deptId = rs.getInt(1);
					}
					String money = request.getParameter("money");
					String sql = "insert into t_user_info(deptId , account, pswd, root, sex, birthday, address, tel, departmentName, money, school, education) values('"
					+ deptId +"', '" + account + "', '" + md5password + "','" + root + "', '" + sex + "', '" + birthday + "', '" + address + "', '" + tel + "', '" + departmentName +"', '" + money +"', '" +school+"', '" +education+ "')";
					DbUtil.add_modify(sql);
				} catch (SQLException e) {
					// TODO Auto-generated catch block
					e.printStackTrace();
				}
				request.getRequestDispatcher("/manage/user_info_manage.jsp").forward(request, response);
			}
			
		} else if ("del".equals(method)) {
			String[] id = request.getParameterValues("selectFlag");
			DbUtil.del("t_user_info", id);
			request.getRequestDispatcher("/manage/user_info_manage.jsp").forward(request, response);
		} else if ("modify".equals(method)) {
			int id = Integer.parseInt(request.getParameter("id"));
			String pswd = request.getParameter("pswd").trim();
			String md5password = MD5.MD5(pswd);
			String root = request.getParameter("root");
			String sex = request.getParameter("sex");
			String birthday = request.getParameter("birthday");
			String address = request.getParameter("address");
			String tel = request.getParameter("tel");
			String money = request.getParameter("money");
			String sql = "update t_user_info set pswd = '" + md5password + "', root = '" + root + "', sex = '" + sex + 
					"', birthday = '" + birthday + "', address = '" + address + "', tel = '" + tel + "', money = '" + money + "' where id = " + id;
			DbUtil.add_modify(sql);
			request.getRequestDispatcher("/manage/user_info_manage.jsp").forward(request, response);
/*			DbUtil connimage = new DbUtil();
			String filename=request.getParameter("image");    
			InputStream str=new FileInputStream(filename);   
			String sqlimage="update t_user_info set image = '" + str + "' where id = " + id  ;
			DbUtil.add_modify(sqlimage);
			System.out.println("=================成功添加图片===============");*/
		} else if ("dellogintime".equals(method)){
			String[] id = request.getParameterValues("selectFlag");
			DbUtil.del("t_login_time", id);
			request.getRequestDispatcher("/manage/logintime_info_manage.jsp").forward(request, response);
		}
		
	}
}